isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

move memset() of plaintext pw outside of verify loop and only do the

Browse Source 
memset if we are *not* in standalone mode.
This commit is contained in:
Todd C. Miller
1999-08-27 20:09:15 +00:00
parent 017a9a0ad6
commit e026a2c24c
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
auth/sudo_auth.c
View File

@@ -144,7 +144,7 @@ verify_user()
/* Get the password unless the auth function will do it for us */ /* Get the password unless the auth function will do it for us */
nil_pw = 0; nil_pw = 0;
#if defined(AUTH_STANDALONE) #ifdef AUTH_STANDALONE
p = user_prompt; p = user_prompt;
#else #else
p = (char *) tgetpass(user_prompt, PASSWORD_TIMEOUT * 60, 1); p = (char *) tgetpass(user_prompt, PASSWORD_TIMEOUT * 60, 1);
@@ -161,7 +161,6 @@ verify_user()
set_perms(PERM_USER, 0); set_perms(PERM_USER, 0);
success = auth->status = (auth->verify)(sudo_user.pw, p, auth); success = auth->status = (auth->verify)(sudo_user.pw, p, auth);
(void) memset(p, 0, strlen(p));
if (NEEDS_USER(auth)) if (NEEDS_USER(auth))
set_perms(PERM_ROOT, 0); set_perms(PERM_ROOT, 0);
@@ -169,6 +168,9 @@ verify_user()
if (auth->status != AUTH_FAILURE) if (auth->status != AUTH_FAILURE)
goto cleanup; goto cleanup;
} }
#ifndef AUTH_STANDALONE
(void) memset(p, 0, strlen(p));
#endif
/* Exit loop on nil password, but give it a chance to match first. */ /* Exit loop on nil password, but give it a chance to match first. */
if (nil_pw) { if (nil_pw) {